Add support for GPG Keys API #429
Conversation
sebasslash
force-pushed
the
sebasslash/gpg-key-api
branch
from
e8025c1
to
5e1fab7
Compare
gpg_key.go
Outdated
| return nil, err | ||
| } | ||
|
|
||
| req, err := s.client.newRequest("POST", "/api/registry/private/v2/gpg-keys", &options) |
There was a problem hiding this comment.
When we talked about these URLs last week, did we say that we would create a new request type for the private registry API endpoint? 🤔 I didn't take notes so I'm not remembering unfortunately.
There was a problem hiding this comment.
Yep! but these improvements will be made after the fact since they are only internal changes.
| assert.Equal(t, gpgKey.KeyID, updatedKey.KeyID) | ||
| assert.Equal(t, updatedKey.Namespace, provider2.Organization.Name) | ||
|
|
||
| // Cleanup |
|
|
||
| gpgKey, _ := createGPGKey(t, client, org, provider) | ||
|
|
||
| t.Run("when a key exists", func(t *testing.T) { |
There was a problem hiding this comment.
What do you think about adding a test if the key doesn't exist or is invalid?
There was a problem hiding this comment.
This will return a 404, however we don't need to add a test for this. The reason being is the client in client.do() decodes the headers and returns the appropriate generic error. In this case that would be ErrResourceNotFound.
| } | ||
|
|
||
| u := fmt.Sprintf("/api/registry/private/v2/gpg-keys/%s/%s", | ||
| url.QueryEscape(keyID.Namespace), |
There was a problem hiding this comment.
When I was reading the docs, I noticed this line: Only the namespace attribute can be updated, and namespace has to match an organization the user has permission to access. I'm curious if the API returns an error if a namespace doesn't match an org the user has permission to access? Would this be something we would want to add a test for? The reason I suggest adding a test is because this detail could be overlooked by someone using this API, and they might see a test. I also admit that we don't want to cross a boundary if it doesn't make sense. What do you think? 🤔
There was a problem hiding this comment.
Good catch and this makes way more sense here as we want to test for an error that's specific to this resource! I've added a check in the error handler for client.do() inside GPGKeys.Update() where if the body's message contains namespace is not authorized it will return ErrNamespaceNotAuthorized. I've also added the corresponding test.
sebasslash
force-pushed
the
sebasslash/gpg-key-api
branch
2 times, most recently
from
9c7f6d2
to
82712d4
Compare
gpg_key.go
Outdated
| return nil, err | ||
| } | ||
|
|
||
| u := fmt.Sprintf("/api/registry/private/v2/gpg-keys/%s/%s", |
There was a problem hiding this comment.
I have mixed thoughts on not taking a parameter for the registry-name (which must be private). The API docs specify this as a parameter, and this is a parameter for the private registry provider APIs. What are your thoughts about this @sebasslash ?
There was a problem hiding this comment.
Hmm, well since it's always going to be private, I'd rather not expose it as part of the interface.
sebasslash
force-pushed
the
sebasslash/gpg-key-api
branch
4 times, most recently
from
07c1e52
to
9be5c23
Compare
sebasslash
force-pushed
the
sebasslash/gpg-key-api
branch
from
9be5c23
to
40f0876
Compare
|
Reminder to the contributor that merged this PR: if your changes have added important functionality or fixed a relevant bug, open a follow-up PR to update CHANGELOG.md with a note on your changes. |
Adds support for the GPG Keys API
This PR also modifies the client to support the registry base path:
/api/registry. To keep the client's internal interface consistent I've added an extra check innewRequest()that will parse thepathvariable; if a request is made to the Private Registry API the url must explicitly contain the base path so that the client can set the appropriate registry base path. As far as the TFC/E API is concerned, the GPG Key endpoints are the only ones that use the registry's default path.To run individual tests: